Lucene search

K
nessusTenable6556.PRM
HistoryAug 28, 2012 - 12:00 a.m.

PHP 5.3.x < 5.3.15 Multiple Vulnerabilities

2012-08-2800:00:00
Tenable
www.tenable.com
12

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.163 Low

EPSS

Percentile

96.0%

PHP versions 5.3.x earlier than 5.3.15 are affected by the following vulnerabilities.

    • An unspecified overflow vulnerability exists in the function ‘_php_stream_scandir’ in the file ‘main/streams/streams.c’. (CVE-2012-2688)
  • An unspecified error exists that can allow the ‘open_basedir’ constraint to be bypassed. (CVE-2012-3365)

Binary data 6556.prm
VendorProductVersionCPE
phpphpcpe:/a:php:php

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.163 Low

EPSS

Percentile

96.0%